1. Introduction

As defined in the Occupational Health and Safety Act (OHSA) a health and safety management system “means a coordinated system of procedures, processes and other measures that is designed to be implemented by employers in order to promote continuous improvement in occupational health and safety”. For the purposes of this standard, the above definition applies to an occupational health and safety management system (OHSMS).

It is a systematic approach that encourages and promotes the continual improvement of the management of occupational health and safety (OHS) in the workplace.

This voluntary Occupational Health and Safety Management System Accreditation Standard is intended to identify excellence in OHS management through the accreditation of occupational health and safety management systems by the Chief Prevention Officer.

This Standard has been prepared as part of the voluntary Supporting Ontario's Safe Employers Program under the Occupational Health and Safety Act (OHSA). It is not intended to replace the OHSA or the regulations and reference should always be made to the official version of the legislation.

It is the responsibility of the workplace parties to ensure compliance with the legislation. This Standard does not constitute legal advice. If you require assistance with respect to the interpretation of the legislation and its potential application in specific circumstances, please contact your legal counsel.

While this Standard will be made public, Ministry of Labour, Training and Skills Development inspectors will apply and enforce the OHSA and its regulations based upon the facts as they may find them in the workplace. This Standard does not affect their enforcement discretion in any way.

2. Purpose and objectives

The purpose of this Standard is to outline the elements that occupational health and safety management systems must contain in order to be accredited by the Chief Prevention Officer (CPO).

The objectives of the Occupational Health and Safety Management System Accreditation Standard are to:

  1. outline a best practice standard for effective occupational health and safety management systems
  2. reinforce the cooperation of all workplace parties in the promotion of the Internal Responsibility System (IRS)
  3. encourage workplaces without occupational health and safety management systems to work towards adopting an occupational health and safety management system
  4. encourage employers who have already implemented an occupational health and safety management system to engage in the continual improvement of their system, and
  5. encourage employers to champion health and safety in their business sector

3. Definitions

This section defines specific terms as they relate to this Standard and in the context of occupational health and safety management system requirements found under each element.

Audit
systematic, independent and documented process for obtaining audit evidence and evaluating it objectively to determine the extent to which audit criteria are fulfilled.
Audit program
a set of one or more audits planned for a specific time frame and directed towards a specific purpose.
Competency
as outlined in 5.2.6.1.
Conformity
fulfillment of a requirement. For the purpose of this Standard, conformance is synonymous with conformity.
Continual improvement

recurring process of enhancing the occupational health and safety management system in order to achieve improvements in overall OHS performance consistent with the organization’s OHS policy, to:

  1. enhance OHS performance
  2. promote a culture that supports an occupational health and safety management system
  3. promote participation of workers in implementation of actions for continual improvement of the occupational health and safety management system
  4. communicate relevant results of continual improvement to workers, and where they exist, worker representatives
  5. maintain and retain documented information of the results of continual improvement
Consultation
process by which the organization seeks the views of the workers, worker representatives, and workplace parties before it makes a decision.
Contractor
person or organization providing services to another organization in accordance with agreed-upon specification, terms and conditions.
Corrective action
action to eliminate the cause of a detected nonconformity or other undesirable situation (for the purposes of this Standard, this refers to any action taken to correct an existing OHS problem or hazard.)
Document
medium containing information related to the occupational health and safety management system.
Hazard
source, situation or act with a potential for harm in terms of human injury.
Hazard identification
process of recognizing that a hazard exists and defining its characteristics.
Incident
work related event(s) in which an injury, fatality or occupational illness occurred; and includes event(s) where no injury or illness occurred, such as a near hit or property damage.
Interested parties
persons or groups, inside or outside the workplace, concerned with or affected by the OHS performance of an organization.
Internal Audit
is conducted internally by the organization, or can be carried out by an external party on the organization’s behalf if the organization does not have the internal resources. Note: the use of an external party for the purposes of internal audit does not replace third party audit requirements for seeking recognition
Legal requirements
all applicable legislation, including but not limited to the Occupational Health and Safety Act and its regulations.
Non-conformity
non-fulfillment of a requirement.
Occupational Health and Safety (OHS)
conditions and factors that affect, or could affect the health and safety of employees or other workers, inclusive of temporary workers and contractor personnel, visitors, suppliers, vendors, or any other person in the workplace.
Occupational Health and Safety Management System (OHSMS)
a coordinated system of procedures, processes and other measures that is designed to be implemented by employers in order to promote continuous improvement in occupational health and safety.
Occupational Illness
as defined in the OHSA, “means a condition that results from exposure in a workplace to a physical, chemical or biological agent to the extent that the normal physiological mechanisms are affected and the health of the worker is impaired thereby and includes an occupational disease for which a worker is entitled to benefits under the Workplace Safety and Insurance Act, 1997.”
OHS Objective
OHS goal, in terms of OHS performance, that an organization sets itself to achieve.
OHS Performance
measurable results of an organization’s management of its OHS risks.
OHS Policy
overall intentions and direction of an organization related to its OHS performance as formally expressed by senior management in relation to the implementation of OHSMS.
Organization
company, corporation, firm, enterprise, authority or institution, or part or combination thereof, whether incorporated or not, public or private, that has its own functions, management and administration.
Other requirements
requirements or provisions the organization subscribes, however are not legally binding, such as industry standards.
Participation
involvement of workers, or worker representatives, in decision-making process(es) regarding the occupational health and safety management system.
Plan
detailed method for doing or achieving something.
Preventative action
action to eliminate the cause of a potential non-conformity or other undesirable potential situation (for the purposes of this Standard, this refers to any action taken to fix a potential OHS problem)
Procedure
a documented, specified method to carry out an activity.
Process
a set of interrelated or interacting activities that transforms inputs into outputs.
Record
document stating results achieved or providing evidence of activities performed.
Residual risk
combination of the likelihood of the occurrence after the hierarchy of controls has been implemented for an identified hazard.
Risk
combination of the likelihood of an occurrence of a hazardous event or exposure(s) and the severity of injury or occupational illness that can be caused by the event or exposure(s).
Risk assessment
process of evaluating the risk(s) arising from a hazard(s), taking into account the adequacy of any existing controls, and deciding whether or not the risk(s) is acceptable.
Senior management
the person(s) at the highest level of an organization’s structure responsible for leading, managing and/or directing an organization’s day-to-day activities and/or operations.
Third Party Audit
are performed by an external auditor or audit organization independent of the customer-supplier relationship, the employer and/or organization, as well as being free of any conflict of interest. Independence of the auditor or audit organization is a key component of a third-party audit.
Worker

as defined in the OHSA “means any of the following, but does not include an inmate of a correctional institution or like institution or facility who participates inside the institution or facility in a work project or rehabilitation program:

  1. A person who performs work or supplies services for monetary compensation.
  2. A secondary school student who performs work or supplies services for no monetary compensation under a work experience program authorized by the school board that operates the school in which the student is enrolled.
  3. A person who performs work or supplies services for no monetary compensation under a program approved by a university, private career college or other post-secondary institution.
  4. Such other persons as may be prescribed who perform work or supply services to an employer for no monetary compensation.”
Worker representative

a non-managerial worker who is:

  1. A worker member of the Joint Health and Safety Committee, or a health and safety representative selected by workers according to relevant legislation;
  2. A representative of workers according to the requirements of a collective agreement; or
  3. Selected by non-managerial workers for other reasons.
Workplace
as defined in the OHSA, “means any land, premises, location or thing at, upon, in or near which a worker works.”
Workplace parties
includes, but is not limited to, the employer, supervisor(s), workers, constructor, and owner.

4. Voluntary Supporting Ontario's Safe Employers Program

4.1 Process for the Supporting Ontario’s Safe Employers program

Sections 7.6.1 to 7.6.5 of the OHSA provide the CPO with authority to establish an OHSMS accreditation standardand employer recognition criteria. Specifically, the CPO may:

  • establish standards that health and safety management systems must meet to become accredited
  • accredit health and safety management systems that meet these standards
  • revoke or amend an accreditation or recognition for a system or employer
  • establish criteria that employers would need to meet to become recognized
  • give recognition to an employer, upon the employer’s application, if the employer is a certified user of an accredited health and safety management system and the employer meets the criteria established by the CPO
  • publish the names of accredited health and safety management systems and recognized employers, and
  • collect whatever information, records or accounts he or she may require pertaining to the accreditation or recognition

An organization seeking to have their occupational health and safety management system accredited by the CPO as meeting the CPO OHSMS Accreditation Standard must have their system evaluated by the ministry.

4.2 Accreditation of occupational health and safety management systems

The Ministry of Labour, Training and Skills Development recognizes that there are multiple occupational health and safety management system standards available, and that there are also individually designed occupational health and safety systems that are established and implemented for the specific needs of an individual organization.

In the interest of flexibility to allow employers to implement an existing standard or create a customized management system, the CPO has developed this Standard to acknowledge and accept different occupational health and safety management systems for review, provided that organizations are able to demonstrate that their occupational health and safety management systems meets the requirements of each of the elements of this Standard. The elements in this Standard are commonly found in, and are consistent with, nationally and internationally recognized occupational health and safety management systems standards.

As defined in the OHSA, a health and safety management system “means a coordinated system of procedures, processes and other measures that is designed to be implemented by employers in order to promote continuous improvement in occupational health and safety”.

Like other workplace management systems, an occupational health and safety management system utilizes a “plan – do – check – act” cycle to implement, promote, monitor, and continuously improve all aspects of the health and safety performance of a workplace.

This Standard establishes the requirements that an occupational health and safety management system must meet in order to be accredited by the CPO.

For an occupational health and safety management system to receive CPO accreditation, it must be:

  1. a management system standard that has been developed by technical committees comprised of representatives from industry, research organizations, not-for-profit and/or government and adopted by a national or international standardizing/standards organization, or
  2. an industry-based management system standard developed by a technical advisory committee consisting of subject matter experts, or
  3. an organization-specific management system that can be verified to have been successfully implemented and active in a workplace, or workplaces, as defined by the Occupational Health and Safety Act

If an employer seeks recognition by the CPO, verification of successful third party audit completion must be provided in a form acceptable to the CPO in conformance with third party audit criteria specified in the CPO Employer Recognition Criteria.

Third party audit requirements are separate and in addition to internal audit requirements, as identified in the occupational health and safety management system.

4.3 Recognition of employers who implement accredited occupational health and safety management systems

The aim of this voluntary program is to provide a framework to recognize employers who successfully implement an accredited occupational health and safety management system in their workplace, and who can meet additional criteria that demonstrates health and safety performance.

The CPO Employer Recognition Criteria, which includes additional criteria required to be met by an employer who seeks to receive recognition, accompanies this Standard, and should be read in conjunction with this Standard before submitting an application for recognition.

Organizations must ensure their occupational health and safety system is accredited before employers using that system are eligible for recognition. In order to do so, an organization must be able to demonstrate its occupational health and safety management system meets each requirement of the CPO OHSMS Accreditation Standard.

The occupational health and safety management systems must have gone through an entire “plan – do – check – act” cycle, at the workplace where they are implemented including a complete internal audit and Management Review at least once prior to the employer applying for recognition.

For employers that have implemented an accredited occupational health and safety management system, the criteria for recognition is outlined in the CPO Employer Recognition Criteria.

5. Elements

The purpose of this Standard is to outline the requirements an occupational health and safety management system will need to include in order to be accredited by the CPO.

5.1 Leadership, commitment and participation

5.1.1 Leadership and commitment

5.1.1.1 Commitment, leadership and effective participation are crucial to the success of an Occupational Health and Safety Management System.

5.1.1.2 Senior Management shall take ultimate responsibility for the organization’s occupational health and safety (OHS) performance and the occupational health and safety management system (OHSMS).

5.1.1.3 Senior Management shall ensure the availability of resources necessary for the organization to establish, implement, maintain and improve the OHS management system.

5.1.1.4 Senior Management shall assign the authority and responsibilities to ensure the occupational health and safety management system conforms to the requirements of this standard.

5.1.1.5 Senior Management shall promote and support:

  1. effective processes to identify and eliminate identified hazards and control associated residual risk(s) where elimination is not possible
  2. participation of workplace parties at all levels and functions
  3. continual improvement of the occupational health and safety management system overall

5.1.1.6 Senior Management shall demonstrate leadership and commitment with respect to the occupational health and safety management system by:

  1. taking overall responsibility and accountability for the protection of workers’ health and safety in the workplace
  2. planning and promoting the effective implementation and continual improvement of the occupational health and safety management system
  3. defining roles, assigning responsibilities and establishing authorities and accountabilities for the effective implementation and continual improvement of the  occupational health and safety management system
  4. ensuring those components identified in 5.1.1.6 (c) are documented and communicated to all affected parties
  5. ensuring workers, and worker representatives (as applicable), are consulted and provided the opportunity to participate in the establishment and maintenance of any element of the occupational health and safety management system
  6. ensuring the OHS Policy and related OHS objectives are established attainable, measurable, and achieved
  7. reviewing and evaluating the occupational health and safety management system at regularly planned intervals

5.1.2 Worker participation

5.1.2.1 The organization shall establish, implement, monitor and maintain a procedure(s) or process(es) to ensure worker participation in the planning, implementation and evaluation of the occupational health and safety management system.

5.1.2.2 The organization shall provide workers, or worker representatives, with the mechanisms, time and resources necessary to participate in any element of the occupational health and safety management system.

5.1.2.3 The organization shall provide workers, or worker representatives, with timely access to information relevant to the occupational health and safety management system and processes for ensuring participation.

5.1.2.4 The organization shall:

  1. Encourage and support worker participation by identifying and removing barriers to participating in the occupational health and safety management system;
  2. Ensure workers, or worker representatives, are informed, consulted, and given the opportunity to participate in all aspects of OHS within the workplace, such as:
    1. hazard identification, risk assessments and determination of controls
    2. incident investigations
    3. development and review of OHS policies, procedures, processes and objectives
    4. consultation where any changes may affect their OHS
    5. representation on any other OHS matters, as appropriate, and
    6. access to relevant reports

5.1.3 Communication

5.1.3.1 The organization shall establish, implement and maintain a process for:

  1. communicating information about the occupational health and safety management system, OHS Policy and implementation progress to all workplace parties
  2. internal OHS communication among various levels and functions within the organization
  3. OHS communication with external stakeholders
  4. receiving, documenting and responding appropriately to internal and external communications related to OHS
  5. identifying and resolving potential barriers, such as ability, language skills and literacy
  6. reporting of a workplace incident, actual and potential hazard or risk in a timely manner
  7. ensuring that OHS input from workers or other workplace parties are received, considered and responded to in a timely manner, and
  8. the organization shall ensure affected external parties are consulted and informed about pertinent OHS matters when appropriate

5.2 Planning and implementation

5.2.1 OHS policy

5.2.1.1 Senior Management shall establish, implement, monitor and maintain an OHS Policy appropriate to the scale and nature of the organization’s operations and activities, and associated risks.

5.2.1.2 The organization shall define and document the scope of its occupational health and safety management system.

  1. The scope of the occupational health and safety management system shall take into account the size, nature and needs of the organization, and
  2. Be reflective of the operations and/or activities of the organization.

5.2.1.3 The OHS Policy shall include a statement confirming commitment to the:

  1. prevention of injury and occupational illness,
  2. compliance with applicable OHS legal and other requirements for which the organization subscribes,
  3. consultation and participation with workers, worker representatives, and other workplace parties as appropriate, and
  4. continual improvement of occupational health and safety management system and OHS performance

5.2.1.4 The OHS Policy must:

  1. provide a framework for setting and reviewing OHS objectives,
  2. be documented, implemented and maintained,
  3. be communicated and made readily available to affected parties,
  4. be reviewed as often as is necessary, and
  5. be approved by senior management

5.2.2 Identification of hazards, risk assessment and determination of controls

5.2.2.1 The organization shall establish, implement and maintain a hazard identification and risk assessment process to adequately identify hazards and prioritize risks based on the nature of the hazards and level of risk for each of its routine and non-routine operations and/or activities.

5.2.2.2 Risk Assessments shall be conducted:

  1. by a competent person
  2. proactively prior to the commencement of performing any task(s) related to the operations and/or activity
  3. prior to the introduction, start-up or use of new equipment, material, substance or process
  4. as part of the Management of Change process when there is a change to existing equipment, material, chemical or process, and
  5. when there is a change to the occupational health and safety management system that may impact upon the workplace operations and/or activities

5.2.2.3 The process for identifying hazards and assessing the associated risk shall consider relevant workplace factors as they relate to people, processes, equipment, material, and working environment. These workplace factors may include, but not limited to:

  1. hazards created in the workplace or in the vicinity of the workplace by work-related activities
  2. identified hazards originating outside of the workplace that may impact on the health and safety within the workplace for which the organization has control
  3. workers at a location not under direct control of the organization
  4. activities of any person having access to the workplace, including any other workplace party at the workplace
  5. legal requirements related to the work activities, inclusive of regulatory controls
  6. the design and layout of the work area, installations, machinery, equipment, processes, related procedures or controls
  7. human interaction within the workplace, or any other human factor(s) that may impact on the health and safety of a worker or another person
  8. hazards associated with the start-up; use/operation; maintenance; and upset and shut down conditions of machinery, equipment or processes

5.2.2.4 When determining control measures with respect to the identified hazards and prioritized risks, the organization shall consider reducing the risk utilizing the hierarchy of controls principle. Control measures should reflect the following hierarchy:

  1. elimination
  2. substitution
  3. engineering controls
  4. administrative controls
  5. personal protective equipment

5.2.2.5 The organization shall ensure the OHS risks and associated control measures are taken into account when establishing, implementing, monitoring and maintaining the occupational health and safety management system.

5.2.2.6 All hazard identifications, risk assessments and associated control measures shall be documented, kept current, reflect actual practice and relevant documents be made readily available to affected workplace parties.

5.2.3 Preventative and protective control measures

5.2.3.1 For the operations and/or activities where hazards have been identified and risks assessed, the organization shall establish, implement, monitor and maintain control measures to adequately protect against or otherwise control the risks.

5.2.3.2 Control measures must identify the hazard and eliminate or reduce the risk to as low as reasonably achievable level, and should take into account issues relevant to control measures, including but not limited to:

  1. the nature, extent, and potential consequences of the hazards and risks identified
  2. any person, who may be or become exposed to the hazard or risk as a result of the workplace operations and/or activities
  3. purchased goods, equipment and services
  4. applicable legal and other requirements
  5. relevant standards, requirements, guidelines, codes of practice, manufacturer /supplier instructions or other relevant considerations related to the operations of the organization

5.2.3.3 Control measures shall be documented, communicated to affected workplace parties, and made readily available at the point of use as required.

5.2.4 Legal and other requirements

5.2.4.1 The organization shall establish, implement and maintain a procedure to identify and document legal requirements; as well as other requirements for which the organization subscribes.

5.2.4.2 All legal and other requirements shall be taken into account, and incorporated as appropriate, into the establishment, implementation and maintenance of the occupational health and safety management system.

5.2.4.3 The organization shall ensure that the documentation of legal and other requirements are kept current, and that relevant information related to the legal and/or other requirements are communicated to the workplace parties as appropriate.

5.2.4.4 The organization shall establish, implement and maintain a procedure to evaluate at regularly planned intervals compliance with all legal requirements; as well as other requirements, for which the organization subscribes.

5.2.4.5 The organization shall ensure records of evaluations are documented and records are retained.

5.2.5 OHS objectives

5.2.5.1 The organization shall have a process to establish, implement, monitor and maintain documented OHS objectives, with targets, for relevant functions and levels within the organization.

5.2.5.2 The objectives and targets shall:

  1. be measurable
  2. be consistent with the OHS Policy as stated in 5.2.1
  3. take into account:
    1. review of previous objectives
    2. year to year statistics and comparisons
    3. applicable requirements
  4. be communicated
  5. include other considerations such as:
    1. leading and lagging measures
    2. OHS hazards and results of resk assessments
    3. occupational health and safety management system deficiencies or non-conformance
    4. opportunities for continual improvement
    5. views of workplace parties and the results of consultation with workers and where they exist, workers’ representatives
    6. physical, mechanical and technological options
    7. operational business and financial requirements of the organization

5.2.5.3 The organization shall establish, implement, monitor and maintain a plan(s) to achieve its objectives, and include:

  1. the designation of responsibility and authority for achieving the objectives
  2. identification of the means and timeframe by which the objectives are to be achieved, and
  3. provisions for the program or plan(s) to be reviewed at regular intervals and revised as appropriate, to ensure the objectives are achieved

5.2.6 Competency and training

5.2.6.1 The organization shall ensure that any person performing a task for, or on behalf of, the organization is competent to do so by means of appropriate:

  1. knowledge of the hazards and risks associated with the tasks for the operations and activities
  2. demonstrated understanding and working knowledge of the control measures associated with the hazards and risks
  3. training with regard to the hazards, risks and associated control measures, and
  4. aptitudes, such as skillset, ability and willingness to deal with the hazards, risks and control measures

5.2.6.2 The organization shall establish, implement, monitor and maintain a process for OHS training that ensures a training needs analysis or assessment for each position is conducted and training is provided by a competent person.

5.2.6.3 In addition to OHS training every worker shall be made aware of:

  1. roles, responsibilities and rights
  2. the purpose of the occupational health and safety management system, and its respective elements
  3. importance of conformity to the OHS Policy, procedures and the occupational health and safety management system overall
  4. legal and other requirements, inclusive of potential consequences for deviations or noncompliance
  5. importance of worker, and worker representatives, participation within the occupational health and safety management system, and
  6. any such requirement to ensure any person is able to meet the requirements of Section 5.2.6.1.

5.2.6.4 The organization shall ensure required training or instruction is provided for each individual prior to the individual performing the required task.

5.2.6.5 The organization must take into account the differing levels of responsibility, literacy, language skills, overall ability and likelihood of exposure to the hazards and risk of the learner.

5.2.6.6 The organization shall retain a record of training for each individual for, as a minimum, the duration the training record is valid.

5.2.7 Emergency prevention, preparedness and response

5.2.7.1 The organization shall establish, implement, monitor and maintain procedure(s) to:

  1. identify potential emergency situations
  2. prevent, as far as reasonably practical, an emergency situation from occurring
  3. establish documented Response Plans for how to respond to emergency situations
  4. prevent or minimize injury or occupational illness, for the identified emergency situations, and
  5. test or drill the identified emergency situations

5.2.7.2 The organization shall identify the necessary resources to implement the prevention procedures and activate the response plans, including taking into account the needs of other interested parties, such as emergency services, authorities, or the general public.

5.2.7.3 The organization shall also ensure that drills or testing of the response plans for the identified emergency situations are conducted at regularly planned intervals and in a manner that does not introduce new hazards. Records of drills and tests shall be retained.

5.2.7.4 Emergency prevention procedures and response plans shall be reviewed periodically, and revised as appropriate.

5.2.7.5 Emergency prevention procedures and response plans must be communicated with all workplace parties and known external interested parties, including specific training for any person with defined duties or responsibilities in relation to the procedures or plans.

5.2.8 Documentation

5.2.8.1 The organization shall establish, implement, monitor and maintain a procedure for the control of documents and retention of records.

5.2.8.2 The occupational health and safety management system documentation shall include, as a minimum:

  1. description of the Scope for which the occupational health and safety management system is applicable
  2. the OHS Policy, objectives and leading and lagging performance measures
  3. description of the main elements, their interaction, and reference to related documents
  4. documents and records required by this Standard
  5. documents and records determined by the organization to be necessary for planning, implementation, control, evaluation and overall management of the occupational health and safety management system

5.2.8.3 The creation, collection, retention and distribution of documents and records shall comply with all applicable legal requirements, collective agreements and organizational policies, as appropriate.

5.2.9 Control of documents

5.2.9.1 The organization shall establish, implement, monitor and maintain a procedure to:

  1. ensure documents are approved prior to issue
  2. identify, store, protect, retrieve, retain and dispose of documents
  3. ensure identification and description (e.g. a title, date, author, version control, or reference number)
  4. ensure relevant versions of applicable documents are readily available
  5. ensure documents remain legible, and readily identifiable

5.2.10 Control of records

5.2.10.1 The organization shall establish, implement, monitor and maintain a procedure to:

  1. maintain records as necessary to demonstrate conformity to the requirements of its occupational health and safety management system and this Standard
  2. identify, store, protect, retrieve, retain and dispose of records
  3. ensure protection of privacy and confidentiality, as appropriate, and
  4. ensure records are, and remain, legible, identifiable and tracked

5.2.11 Management of change

5.2.11.1 The organization shall establish, implement, monitor and maintain a procedure to identify and eliminate hazards and assess and control risk(s) associated when:

  1. there is a significant change to its work processes, control measures, procedures, equipment, organizational structure, staffing, products, workplace parties, physical locations or services
  2. new products, processes or services are introduced
  3. new developments in OHS knowledge or technology is available and introduced, or
  4. there are changes to OHS legislation, other requirements and, where applicable, agreements

5.2.11.2 The organization shall ensure a hazard identification, risk assessment and determination of controls in accordance with Section 5.2.2 of this Standard is conducted prior to any Management of Change.

5.2.11.3 Any Management of Change shall be communicated to affected parties.

5.2.11.4 The organization shall provide information for any affected workplace party.

5.2.12 Procurement

5.2.12.1 The organization shall establish, implement, monitor and maintain a procedure to evaluate and manage the procurement of products, supplies, equipment, materials and other goods and services.

5.2.12.2 The procedure or process for identifying hazards, assessing risks and determining controls of procured goods and services shall follow the same methodology established, implemented, monitored and maintained for Section 5.2.2 of this Standard.

5.2.13 Management of contractors

5.2.13.1 The organization shall establish, implement and maintain criteria to monitor and evaluate contractors on OHS performance during all phases of the work.

5.2.13.2 The criteria shall address, as a minimum:

  1. the identification of hazards and control of risks, and the competency and ability of the contractor to control the risk(s) to the organization’s workers arising from the contractor’s activities and materials
  2. the identification of hazards, control of risks, and the competency and ability of the contractor to control the risk(s) to the contractor and the contractor’s workers arising from the organization’s activities and materials, and
  3. communication with contractors when there are changes affecting the specific work or circumstances surrounding the work.

5.2.13.3 At multi-employer workplaces or multi-contractor worksites, the organization shall establish, implement, monitor and maintain a documented procedure for, and lead the coordination and integration of, relevant portions of the organization’s occupational health and safety management system with the affected contractors.

5.3 Evaluation

5.3.1 Performance measuring and monitoring

5.3.1.1 The organization shall establish, implement, monitor and maintain a process to monitor and measure the organization’s OHS performance, and management of, the occupational health and safety management system on a regular basis.

5.3.1.2 The process be reflective of the scope of the operations and/or activities of the OHSMS and provide for:

  1. methods for monitoring, measurement, analysis and performance evaluation, as applicable to ensure valid results. This may include, qualitative and quantitative measurement methodologies and leading and lagging measures
  2. monitoring the extent to which the organization’s OHS policy and objectives are being met
  3. conformance to the occupational health and safety management system
  4. monitoring and the effectiveness of the control measures
  5. the extent to which legal and other requirements are fulfilled

5.3.1.3 The results of these measurements shall be recorded and communicated with interested workplace parties.

5.3.2 Incident investigation and analysis

5.3.2.1 The organization shall establish, implement, monitor and maintain a procedure to report, investigate, analyze, document and maintain records for incidents, which shall include::

  1. roles and responsibilities of the workplace parties involved in the investigation process, including management and workers and worker representatives
  2. determination of any underlying OHS deficiencies, including contributing factors around the occurrence of the incident;
  3. actions to mitigate any additional consequences of an incident
  4. identifying the need for corrective actions and opportunities for preventative actions
  5. identifying opportunities for continual improvement, and
  6. means of communicating investigation results and corrective actions to relevant interested parties

5.3.2.2 Investigations shall be conducted in a timely manner, and by a competent person, inclusive of subject matter experts, as appropriate.

5.3.3 Non-conformity, preventative and corrective action

5.3.3.1 The organization shall establish, implement, monitor and maintain a procedure to address actual and potential non-conformities with occupational health and safety management system requirements, such as, ineffective OHS risk controls, corrective actions, and preventative actions.

5.3.3.2 The procedure(s) shall define the requirements for:

  1. identifying and correcting actual non-conformities and investigating the root cause
  2. identifying and preventing potential non-conformities
  3. conducting a hazard identification and risk assessment of the recommended actions to identify any potential hazards that may be created as a result of the corrective or preventative actions prior to implementation
  4. ensuring corrective and / or preventative  actions are assigned, implemented and tracked to ensure they prevent and / or correct the occurrence of a non-conformity
  5. recording, tracking and communicating the corrective and preventative actions taken to the affected workplace parties
  6. ensuring all affected elements as a result of the implemented corrective and preventative actions are updated in the occupational health and safety management system, and
  7. monitoring, assessing and evaluating the effectiveness of the implemented corrective and preventative actions

5.3.4 Internal audit

Note: Third party audit requirements are separate and in addition to internal audit requirements, as identified in the occupational health and safety management system. Third party audit criteria are outlined in the CPO Employer Recognition Criteria.

5.3.4.1 The organization shall establish, implement and maintain an audit program to ensure internal audits are conducted at regular and planned intervals.

5.3.4.2 The audit program shall be based on the requirements within the occupational health and safety management system along with results of previous audits.

5.3.4.3 The audit program shall identify the responsibilities, competencies and selection of the audit team(s) and lead auditor(s).

5.3.4.4 The audit program shall include:

  1. Responsibilities for the audit team(s) and / or lead auditor(s);
  2. Provisions for defining the audit scope;
  3. Identifying the frequency of audits;
  4. Planning requirements such as evidence gathering and analysis
  5. Documentation and reporting of audit findings;
  6. Take action to address nonconformities and continually improve OHS performance;
  7. Consultation and participation of workers, or worker representatives, in the audit program; and
  8. Communication with relevant interested parties.

Note: For more information on audit requirements and competence expectations for auditors refer to ISO 19011 — Guidelines for auditing management systems.

5.3.4.5 The purpose of the audits is to objectively:

  1. monitor and verify the extent to which the occupational health and safety management system has been implemented and maintained
  2. determine whether the occupational health and safety management system is effective in meeting the organization’s policy and objectives
  3. identify:
    1. good practices
    2. areas of improvement, and
    3. non-conformities
  4. determine and assign appropriate corrective actions to a competent person and track through to completion, and
  5. provide audit results to affected workplace parties or known interested parties

5.3.5 Management review

5.3.5.1 Senior Management shall review the organization’s occupational health and safety management system at regularly planned intervals to verify and ensure its continuing suitability, adequacy and effectiveness.

5.3.5.2 The reviews shall include:

  1. an assessment of the opportunities for improvement of the occupational health and safety management system, inclusive of the need for changes to the OHS Policy and/or objectives
  2. identification of emerging issues or trends, and best available methods, technologies, and procedures to address residual risk, and
  3. implementation strategy for continual improvement

5.3.5.3 Management reviews shall be documented, and records be retained.

5.3.5.4 Input to management reviews shall include consideration of the following OHS information:

  1. results of:
    1. audits
    2. evaluations of compliance with legal and other requirements as applicable to the workplace
    3. communication received from, and participation with, workers and worker representatives
    4. incident trends
    5. communication received from external interested parties
  2. the extent to which objectives of the occupational health and safety management system, OHS Policy and performance have been met
  3. effectiveness of procedures and processes to identify hazards, assess, prioritize, and control risks, including progress in the sustained or improved reduction of risk
  4. status and results of incident investigations, including any trends identified, corrective actions and preventative actions;
  5. follow-up actions from previous management reviews
  6. changing circumstances, including developments in legal and other requirements related to the organization’s OHS; and
  7. recommendations for improvement

5.3.5.5 Outputs from the management review must be consistent with the organization’s commitment to continual improvement, and include decisions and actions related to:

  1. OHS performance, OHS policy and objectives, and the need for change, if any, and
  2. allocation of resources to achieve the improvements

5.3.5.6 The organization shall establish, implement and maintain a process for recording and communication of the management review to all relevant parties, inclusive of workers or worker representatives (if applicable).